[ad_1]
In January 2018, researchers revealed a set of vulnerabilities related to how modern processors perform a function called speculative execution. Spectrum and Meltdown were considered serious, partly because Specter represented a new class of attacks, not a single isolated attack vector. For most of 2018, Intel's "history" has been focused on its response to these attacks.
Nearly a year and a half later, researchers are still looking for categories of similar problems. Several new vulnerabilities have broken the cover and carry various names such as ZombieLoad, RIDL and Fallout (as named by the researchers). Collectively, Intel summarizes them as MDS – Microarchitect Data Sampling. RIDL, for Rogue In-Flight Data Load, was discovered by researchers at the Vrije Universiteit Amsterdam and the Helmholtz Center for Information Security. Fallout was discovered by a group from the Graz University of Technology, KU Leuven, the University of Michigan, and the Worcester Polytechnic Institute. ZombieLoad was discovered by Graz, Worcester and KU Leven.
As a reminder, all these flaws, including Specter and Meltdown, are related to the way processors in general or Intel processors, in particular, perform speculative execution. In the case of RIDL, ZombieLoad, Fallout and MDS more generally, underlined faults seem to be specific to Intel processors.
These problems are due to differences between the architecture of a processor (how is the processor documented to work on paper) and its microarchitecture (how does the processor actually perform the operations "under the hood "?). The speculative execution is exactly what it looks like: The CPU speculates on the operations to be executed next, then executes them so that the results are ready if they are needed, rather than performing these operations after. know they are necessary.
In terms of architecture, all operations are executed in sequence and the only data kept by the CPU are the data it needs to perform the operations. But it is possible to observe the microarchitecture to look for subtle clues about the storage of data on a chip, depending on the time needed to access the information. Measuring these differences can allow attackers to infer data values stored in the cache or in built-in buffers. Previous flaws in the Specter class typically focused on cached data leakage, but new MDS flaws leaked buffered data – tiny data stores that the chip uses to move data internally.
How serious are these attacks?
The seriousness of these new attacks has been the subject of some controversy. Honestly, I am a little dissatisfied with the publicity given to some of this news. Some of you may remember last year, when a supposed security research firm, CTS-Labs, appeared to be collaborating with a short-sellers firm in a blatant attempt to attack the stock price. AMD action by publishing a set of allegedly critical security flaws that revelation Literally implicit could put lives in danger. Absolutely nothing came of these defects, which, as literally predicted by the short seller, Viceroy Research, could reduce the value of AMD's shares to zero. As we discussed at the time, contaminating security information with hyperbolic marketing strategies to make it seem like the problems are even worse than they actually were is a very bad idea, little who is targeted or why.
The situation with Intel is not closeIt's so serious, but it shows some of the same disturbing trends that I talked about last year. The researchers chose to make their efforts known on a website called "CPU.fail", with scary graphics and an FAQ that seems more designed to scare than to inform. When asked if the problems they point out have been abused in nature, for example, they simply answer, "We do not know." But the question of the gravity of the defects of these defects in practice is authentic.
Not incorrect, no. Not particularly nuanced either.
Until now, no attack using Spectrum and Meltdown actually has been spotted in nature, apart from the concept validation work submitted by the researchers. Similarly, taking advantage of MDS is more difficult than what this website entails. Attackers can not directly control what's in the buffers they target, which means the exploit may miss outdated and outdated data. Microcode updates for systems operating between Sandy Lake and Kaby Lake have already been delivered to customers. The first generation Coffee Lake and Whiskey Lake processors are already immune to this attack. The impact of the patch on performance is estimated at about 3%.
Intel's official statement says:
Microarchitectural Data Sampling (MDS) is already supported at hardware level in many of our recent 8th and 9th generation Intel Core processors, as well as in the 2nd generation Intel Xeon scalable processor family. For the other affected products, mitigation is available via microcode updates, associated with the corresponding operating system updates and hypervisor software available from today. # 39; hui. We have provided more information on our website and continue to encourage everyone to keep their systems up-to-date, this is one of the best ways to stay protected. We would like to thank the researchers who have worked with us and our industry partners for their contribution to the coordinated disclosure of these issues.
Until then, the tone of the cover on this issue has varied a lot. Wired takes an alarmist tone, arguing that these flaws "allow the attackers to listen to virtually every raw data that the victim's processor touches" and arguing that the researchers have made it clear that these flaws are quite serious. Intel argues that they are of medium to low severity, given the difficulty of removing them, the lack of practical attacks in the wild and the fact that microcode updates and fixed hardware processors are already on the market. As PCMag notes:
[T]The vulnerabilities in microarchitectural data sampling revealed today seem to be more theoretical at this stage. For the moment, no real attack involving flaws has been encountered and made public. One of the main reasons is probably that hackers can simply use traditional malware to steal data on your PC rather than resort to Intel processor corruption.
The fact that everyone does not update their operating system or hardware shows just how flawed these solutions are, but these are issues we have been facing in terms of computer security since we have computers. Part of the difficulty in determining the severity of a flaw is which experts to listen to. Last year, for example, Theo de Raadt decided to change the default behavior of FreeBSD by disabling Hyper-Threading, considering it a fundamental security risk. Other operating system vendors have not gone so far as to disable this feature preemptively. Is hyper-threading a potential safety risk? Yes. Is there a potential security risk that is serious enough for existing users to disable this feature? The experts are literally at odds. The honest answer is, "It depends," not because everyone wants to be tasteless, but because in a given situation, the appropriate security practices depend on exposure to the threat and the cost of activating patches. in question.
How badly do you take these threats? Serious enough to patch up, certainly. But past that, the practical implications of the real world are still unknown. To date, we have not seen any Spectrum or Meltdown attacks in the wild that pose a threat to Intel processors (or anyone's processors) of any generation. This does not mean that it is impossible to arrive, and this does not relieve Intel of the responsibility of securing its products. But that does not mean invisible hackers are sneaking into your pockets now via hardware attacks that you are not aware of. All security vulnerabilities do not become a practically exploited avenue of attack. Until now, these attacks do not have.
Now read:
[ad_2]
Source link